Supporting different x_auth_access_types with oauth/authenticate


I’ve registered my app as “Read and write” and have allowed “Sign in with Twitter”

My app has some features that just require sign-in, and others that require write access.

I would like to escalate users from Read-only to Read-and-write when they want to use a feature that requires write access.

I’m running into a problem using Twitter’s oauth/authenticate for automatic redirect when a user is signing in and has already authenticated.

Here’s the problem:

For my Sign In button, I set the x_auth_access_type to “read.” Unless I set this parameter, it defaults to “read and write.” Because I have read-only features, I don’t want write access by default.

If a user chooses a feature that requires write access, I send them to oauth/authorize with x_auth_access_type = “write.” This promotes the account as expected.

The issue is when a promoted user signs out and wants to sign back in. Now my Sign In button, with x_auth_access_type set to read, forces a user to re-authenticate the app with read-only permissions. It does this instead of automatically redirecting back to my application (the desired result).

If I remove the x_auth_access_type parameter (or set it to “write”), then promoted users redirect fine, but I have no way of providing a read-only Sign In.

Is there a way to provide automatic redirect regardless of the user’s access level?